Privacy Policy

Last updated: October 23, 2025

Sandy Smajic Consulting ("we," "our," or "us") operates FitPlan PRO. This page informs you of our policies regarding the collection, use, and disclosure of personal data when you use our service.

Information We Collect

We collect several types of information for various purposes to provide and improve our service to you:

  • Personal Data: Email address, name (optional), and payment information processed through GoCardless
  • Fitness Data: Age, gender, height, weight, activity level, and fitness goals
  • Usage Data: Information on how you access and use the service, including your IP address, browser type, and pages visited
  • Local Storage: We use browser local storage to save your plan preferences and payment status

How We Use Your Information

We use the collected data for various purposes:

  • To provide and maintain our service
  • To generate personalized workout and meal plans
  • To process your payments through GoCardless
  • To notify you about changes to our service
  • To provide customer support
  • To monitor the usage of our service
  • To detect, prevent, and address technical issues

Payment Processing

We use GoCardless as our payment processor. When you make a payment, your payment information is transmitted directly to GoCardless and is not stored on our servers. GoCardless is PCI-DSS compliant and handles your payment data securely. Please refer to GoCardless's privacy policy for more information on how they handle your data.

Data Security

The security of your data is important to us. We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. However, no method of transmission over the Internet or electronic storage is 100% secure, and we cannot guarantee absolute security.

Your Data Rights (GDPR)

If you are a resident of the European Economic Area (EEA), you have certain data protection rights:

  • The right to access, update, or delete your personal information
  • The right to rectification if your information is inaccurate or incomplete
  • The right to object to our processing of your personal data
  • The right to request restriction of processing your personal data
  • The right to data portability
  • The right to withdraw consent

Cookies and Tracking

We use browser local storage to enhance your experience and remember your preferences. This data is stored locally on your device and is not transmitted to our servers unless you explicitly submit it through our forms.

Third-Party Services

We use the following third-party services:

  • GoCardless: For payment processing
  • YouTube: For embedded exercise demonstration videos

These third parties have their own privacy policies, and we encourage you to review them.

Children's Privacy

Our service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children under 18. If you are a parent or guardian and believe your child has provided us with personal data, please contact us.

Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date at the top of this policy.

Contact Us

If you have any questions about this Privacy Policy, please contact us through the contact form on www.sandysmajic.com

Sandy Smajic Consulting

Owner: Sandy Smajic

Cybersecurity Consultant | ISO 27001, NIS2, TISAX Expert

Website: www.sandysmajic.com